<?php
class news_task{
	public $type_news;
	
	/**
	 * Constructor
	 * 
	 * @author	Armin Borumand
	 */
	public function __construct($obj){
		$this->type_news = $obj;
	}
	
	/**
	 * Fetch news (index)
	 * 
	 * @access  public
	 * @author  Armin Borumand
	 * @return  array   last news details
	 */
	public function index(){
		global $lb;
		
		$num_of_news = $this->count();
		
		if(isset($_GET['from']) && $_GET['from'] > 0){
			$start_news = $num_of_news - $_GET['from'];
		}else{
			$start_news = 0;
		}
		
		if($start_news == 0){
			$news_page  = 0;
			$lb['smarty']->assign('about_news', $this->type_news->about());
		}else{
			$news_page  = floor($start_news / $this->type_news->news_per_page);
		}
		
		$query  = 'SELECT id, time, who_comment, who_confirm_comment, confirmed
					, user_id, (user_id - #) AS author, title, content 
				 FROM #__news_store WHERE news_id = # AND confirmed = # 
				 ORDER BY time DESC LIMIT #, #';
		$params = array(
					array($lb['user']->user_id		, 'int'),
					array($lb['page']->type_id		, 'int'),
					array('true'				, 'string'),
					array($start_news				, 'int'),
					array($lb['cpage']->news_per_page	, 'int')
					);
					
		$result = $lb['db']->query($query, $params);
		
		if($result['result']){
			if($result['num_of_rows'] > 0){
				$can_edit = $this->type_news->can_edit();
				
				for($i=0; $i<$result['num_of_rows']; $i++){
					//adding and overloading required params
					$result['rows'][$i]['user'] = $lb['user']->username($result['rows'][$i]['user_id']);
					lb_system::make_time($result['rows'][$i]['time']);
										
					if($can_edit){
						$result['rows'][$i]['can_edit'] = true;
					}elseif($result['rows'][$i]['author'] == 0){
						$result['rows'][$i]['can_edit'] = true;
					}else{
						$result['rows'][$i]['can_edit'] = false;
					}
				}
				
				$news_pages_num = ceil($num_of_news / $this->type_news->news_per_page);
				
				$lb['smarty']->assign('news_pages_num'	, $news_pages_num);
				$lb['smarty']->assign('news_per_page'	, $this->type_news->news_per_page);
				$lb['smarty']->assign('num_of_news'		, $num_of_news);
				$lb['smarty']->assign('news_page'		, $news_page);
				
				$return = $result['rows'];
			}else{
				$return = array();
			}
		}else{
			$return = false;
		}
		
		$lb['smarty']->assign('can_send', $this->type_news->can_send());
		$lb['smarty']->assign('need_confirm', $this->prepare_confirms(false));
		return $return;
	}
    
    /**
     * Add new news
     * 
     * @access  public
     * @author  Armin Borumand
     * @return  int/bool    news id on success and false on failure
     */  
	public function add(){
		global $lb;
		
		$can_edit_comment_setting = $this->type_news->can_edit_comment_setting() || $this->author_can_edit_comment_setting();
				
		if(isset($_POST['title']) && $this->type_news->can_send()){
		
			if($this->type_news->check_confirm()
			|| isset($_POST['publish']) && $this->type_news->can_confirm()
			|| isset($_POST['publish']) && $this->author_can_confirm()){
				$confirmed = 'true';
			}else{
				$confirmed = 'false';
			}
			
			$_POST['title'] = lb_system::htmlspecialchars($_POST['title']);
			
			$this->input_filter($_POST['content']);
			$this->input_filter($_POST['add_content']);
			
			if($can_edit_comment_setting){
				$query = 'INSERT INTO #__news_store (news_id, who_comment,  who_confirm_comment
										, confirmed, user_id, title, content, add_content)
									VALUES (#, #, #, #, #, #, #, #)';
				$params = array(
							array($lb['page']->type_id			, 'int' ),
							array($_POST['who_comment']			, 'text'),
							array($_POST['who_confirm_comment']		, 'text'),
							array($confirmed					, 'text'),
							array($lb['user']->user_id			, 'int' ),
							array($_POST['title']				, 'text'),
							array($_POST['content']				, 'text'),
							array($_POST['add_content']			, 'text')
							);
			}else{
				$query = 'INSERT INTO #__news_store (news_id, confirmed, user_id, title, content, add_content)
									VALUES (#, #, #, #, #, #)';
				$params = array(
							array($lb['page']->type_id			, 'int' ),
							array($confirmed					, 'text'),
							array($lb['user']->user_id			, 'int' ),
							array($_POST['title']				, 'text'),
							array($_POST['content']				, 'text'),
							array($_POST['add_content']			, 'text')
							);
			}
						
			$result = $lb['db']->query($query, $params);
			
			if($result['result']){
				$return = $result['insert_id'];
			}else{
				$return = false;
			}
			$lb['smarty']->assign('confirmed'			, $confirmed=='true'?true:false);
		}else{

			for($i=2007; $i<2021; $i++){
				$years[$i] = $i;
			}
			for($i=1; $i<=12; $i++){
				$months[$i] = $i;
			}
			for($i=1; $i<=31; $i++){
				$days[$i] = $i;
			}
			
			$can_confirm = $this->type_news->can_confirm() || $this->author_can_confirm();
			$can_save	 = !$this->type_news->check_confirm();
			
			$lb['smarty']->assign('years'				, $years);
			$lb['smarty']->assign('months'			, $months);
			$lb['smarty']->assign('days'				, $days);
			$lb['smarty']->assign('can_send'			, $this->type_news->can_send());
			$lb['smarty']->assign('can_confirm'			, $can_confirm);
			$lb['smarty']->assign('can_save'			, $can_save);
			$lb['smarty']->assign('who_comment'			, $this->type_news->who_comment());
			$lb['smarty']->assign('who_confirm_comment'	, $this->type_news->who_confirm_comment());
			
			lb_system::load_editor();
		}

			$lb['smarty']->assign('can_send', $this->type_news->can_send());
			$lb['smarty']->assign('can_edit_comment_setting', $can_edit_comment_setting);
			
			if(isset($return)){
				return $return;
			}
	}
    
    /*
     * Edit a news
     * 
     * @access  public
     * @author  Armin Borumand
     * @return  bool    true on success and false on failure
     */  
	public function edit(){
		global $lb;
		$can_edit = false;
		
		if(isset($_GET['news_id']) && $_GET['news_id'] > 0){
			$news_id = intval($_GET['news_id']);
		}else{
			$news_id = 1;
		}
		
		$can_edit_comment_setting = $this->type_news->can_edit_comment_setting() || $this->author_can_edit_comment_setting();

		if(isset($_POST['submit']) && ($can_edit = $this->can_edit($news_id))){
			$_POST['title'] = lb_system::htmlspecialchars($_POST['title']);
			
			$this->input_filter($_POST['content']);
			$this->input_filter($_POST['add_content']);
			
			if($can_edit_comment_setting){
				$query  = 'UPDATE #__news_store 
						SET who_comment = #, who_confirm_comment = #, title = #, content = #, add_content = #
						WHERE id = #';
				$params = array(
						array($_POST['who_comment']		, 'text'),
						array($_POST['who_confirm_comment']	, 'text'),
						array($_POST['title']		, 'text'),
						array($_POST['content']		, 'text'),
						array($_POST['add_content']	, 'text'),
						array($news_id			, 'int' )
							);
			}else{
				$query  = 'UPDATE #__news_store 
						SET title = #, content = #, add_content = #
						WHERE id = #';
				$params = array(
						array($_POST['title']		, 'text'),
						array($_POST['content']		, 'text'),
						array($_POST['add_content']	, 'text'),
						array($news_id			, 'int' )
							);				
			}

			$result = $lb['db']->query($query, $params);

			if($result['result']){
				$return = true;				
			}else{
				$return = false;
			}
		}else{
			$query  = 'SELECT *, (user_id - #) AS author FROM #__news_store WHERE id = # AND confirmed = #';
			$params = array(
					array($lb['user']->user_id, 'int'),
					array($news_id		  , 'int'),
					array('true'		  , 'string')
					);

			$result = $lb['db']->query($query, $params);

			if($result['result']){
				$can_edit = $this->type_news->can_edit();
				if($result['num_of_rows'] == 1){
					//adding and overloading required params
					$result['rows'][0]['user'] = $lb['user']->username($result['rows'][0]['user_id']);
					
					$this->output_filter($result['rows'][0]['content']);
					$this->output_filter($result['rows'][0]['add_content']);
					
					if($can_edit){
						$can_edit = $result['rows'][0]['can_edit'] = true;
					}elseif($result['rows'][0]['author'] == 0){
						$can_edit = $result['rows'][0]['can_edit'] = true;
					}else{
						$can_edit = $result['rows'][0]['can_edit'] = false;
					}

					$return = $result['rows'][0];
					
					lb_system::load_editor();
				}else{
					$return = array();
				}
			}else{
				$return = false;
			}
		}
		
		$lb['smarty']->assign('can_edit_comment_setting', $can_edit_comment_setting);
		$lb['smarty']->assign('can_edit', $can_edit);
		return $return;
	}

    /*
     * Remove a news
     * 
     * @access  public
     * @author  Armin Borumand
     * @return  bool    true on success and false on failure
     */  
	public function remove(){
		global $lb;
		$return = NULL;
		
		if(isset($_GET['news_id']) && $can_edit = $this->can_edit($_GET['news_id'])){
			$query  = 'DELETE FROM #__news_store WHERE id = #';
			$params = array(
					array($_GET['news_id'], 'int')
					);

			$result = $lb['db']->query($query, $params);

			if($result['result']){
				$return = true;
			}else{
				$return = false;
			}
		}

		if(isset($can_edit)){
			$lb['smarty']->assign('can_edit', $can_edit);
		}

		return $return;
	}

    /*
     * Return a news compelete details
     * 
     * @access  public
     * @author  Armin Borumand
     * @return  array   a news details
     */  
	public function show(){
		global $lb;
		
		if(isset($_GET['news_id']) && $_GET['news_id'] > 0){
			$news_id = intval($_GET['news_id']);
		}else{
			$news_id = 1;
		}
		
		$query  = 'SELECT 1 AS news_assign, id, time, who_comment, who_confirm_comment, confirmed, user_id
					, title, content, add_content, (user_id - #) AS author
				 FROM #__news_store 
				 WHERE id = # ';
		$params = array(
					array($lb['user']->user_id, 'int'),
					array($news_id		  , 'int')
					);
		
		if(!$this->can_confirm($news_id)){
			$query .= ' AND confirmed = # ';
			$params[] = array('true', 'string');
		}
		
		$query .= 'UNION SELECT 0 AS news_assign, id, time, username, NULL, confirmed, user_id, title, content, NULL, NULL
				 FROM #__news_comment WHERE store_id = # AND confirmed = # ORDER BY news_assign DESC , time DESC';
		$params[] = array($news_id	, 'int');
		$params[] = array('true'	, 'text');
		
		$result = $lb['db']->query($query, $params);
		if($result['result']){
			$can_edit = $this->type_news->can_edit();
			if($result['num_of_rows'] > 0){
				//adding and overloading required params
				$result['rows'][0]['user'] = $lb['user']->username($result['rows'][0]['user_id']);
				lb_system::make_time($result['rows'][0]['time']);
				
				if($can_edit){
					$result['rows'][0]['can_edit'] = true;
				}elseif($result['rows'][0]['author'] == 0){
					$result['rows'][0]['can_edit'] = true;
				}else{
					$result['rows'][0]['can_edit'] = false;
				}

				$who_confirm_comment = $result['rows'][0]['who_confirm_comment'];
				$author_id = $result['rows'][0]['user_id'];

				$can_comment = $this->can_comment($result['rows'][0]['who_comment']);
				$comment_sended = $this->check_send_comment($news_id, $result['rows'][0]['who_confirm_comment']);
				$need_comment_cofirm = $this->prepare_comments_confirms($news_id, $who_confirm_comment, $author_id, false);
				
				if($result['rows'][0]['can_edit']
				||($can_confirm_comment = $this->can_confirm_comment($_GET['news_id'], $who_confirm_comment))
				|| $this->author_can_confirm_comment($who_confirm_comment) && $lb['user']->user_id == $author_id){
					$can_remove_comment = true;
				}else{
					$can_remove_comment = false;
				}
				
				$return = $result['rows'][0];
				
				array_shift($result['rows']);
				
				if(is_array($comment_sended)){
					array_unshift($result['rows'], $comment_sended);
					$comment_sended = true;
				}

				$this->show_comments($result['rows']);
				
				$lb['smarty']->assign('can_comment'   , $can_comment);
				$lb['smarty']->assign('comment_sended', $comment_sended);
				$lb['smarty']->assign('can_remove_comment', $can_remove_comment);
				$lb['smarty']->assign('need_comment_confirm', $need_comment_cofirm);
				
				return $return;
			}else{
				return array();
			}
		}else{
			return false;
		}
	}

	/**
	 * Confirm news
	 *
	 * @access	public
	 * @author	Armin Borumand
	 * @return	boolean	update result
	 */
	public function confirm(){
		global $lb;
		
		if(isset($_GET['news_id']) && $can_confirm = $this->can_confirm($_GET['news_id'])){
			$query  = 'UPDATE #__news_store SET confirmed = # WHERE news_id = # AND id = #';
			$params = array(
					array('true'		  , 'string'),
					array($lb['page']->type_id, 'int'),
					array($_GET['news_id']	  , 'int')
					);
						
			$result = $lb['db']->query($query, $params);
	
			$lb['smarty']->assign('can_confirm', $can_confirm);
			return $result['result'];
		}else{
			$lb['smarty']->assign('need_confirms', $this->prepare_confirms());
		}
	}

	/**
	 * Confirm comment
	 *
	 * @access	public
	 * @author	Armin Borumand
	 * @return	boolean	update result
	 */
	public function confirm_comment(){
		global $lb;
		$news_id = 0;
		$return = NULL;
		
		if(isset($_GET['comment_id'])){
			$query  = 'SELECT st.id, st.user_id, st.who_confirm_comment FROM #__news_comment AS cm
					INNER JOIN #__news_store AS st ON cm.store_id = st.id
					WHERE cm.id = #';
			$params = array(
					array($_GET['comment_id'], 'int')
					);
			
			$result = $lb['db']->query($query, $params);
			if($result['result'] && $result['num_of_rows'] > 0){

				$who_confirm_comment = $result['rows'][0]['who_confirm_comment'];
				$news_id = $result['rows'][0]['id'];
				$author_id = $result['rows'][0]['user_id'];
				
				if(($can_confirm_comment = $this->can_confirm_comment($news_id, $who_confirm_comment))
				|| $this->author_can_confirm_comment($who_confirm_comment) 
					&& $lb['user']->user_id == $author_id){
					$query  = 'UPDATE #__news_comment SET confirmed = # WHERE id = #';
					$params = array(
							array('true'		 , 'string'),
							array($_GET['comment_id'], 'int')
							);
								
					$result = $lb['db']->query($query, $params);
			
					$lb['smarty']->assign('can_confirm_comment', $can_confirm_comment);
					$return = $result['result'];
				}
			}else{
				$return = false;
			}
		}elseif(isset($_GET['news_id'])){
			$news_id = intval($_GET['news_id']);
			$query  = 'SELECT who_confirm_comment, user_id FROM #__news_store WHERE id = #';
			$params = array(
					array($news_id, 'int')
					);

			$result = $lb['db']->query($query, $params);
			if($result['result'] && $result['num_of_rows'] > 0){
			
				$who_confirm_comment = $result['rows'][0]['who_confirm_comment'];
				$author_id = $result['rows'][0]['user_id'];
				
				if($this->can_edit($_GET['news_id'])
				||($can_confirm_comment = $this->can_confirm_comment($_GET['news_id'], $who_confirm_comment))
				|| $this->author_can_confirm_comment($who_confirm_comment)
					 && $lb['user']->user_id == $author_id){
					$can_remove_comment = true;
				}else{
					$can_remove_comment = false;
				}
				
				$lb['smarty']->assign('can_remove_comment', $can_remove_comment);
				$lb['smarty']->assign('need_comments_confirms', $this->prepare_comments_confirms($_GET['news_id']
							   , $who_confirm_comment, $author_id, true));
			}
		}
		
		if($news_id < 1 && isset($_GET['news_id'])){
			$news_id = intval($_GET['news_id']);
		}

		$lb['smarty']->assign('news_id', $news_id);
		return $return;
	}
	
	/**
	 * Remove comments
	 *
	 * @access	public
	 * @author	Armin Borumand
	 * @return	boolean/NULL	NULL or remove result
	 */
	public function remove_comment(){
		global $lb;
		
		$return = NULL;
		
		if(isset($_GET['news_id'])){
			if(!($can_remove = $this->can_edit($_GET['news_id']))){
				$query = 'SELECT who_confirm_comment, user_id FROM #__news_store WHERE id = #';
				$parms = array(
						array($_GET['news_id'], 'int')
						);
				
				$result = $lb['db']->query($query, $params);
				
				if($result['result'] && $result['num_of_rows'] > 0){
					$who_confirm_comment = $result['rows'][0]['who_confirm_comment'];
					$author_id = $result['rows'][0]['user_id'];
					
					if(($can_confirm_comment = $this->can_confirm_comment($_GET['news_id'], $who_confirm_comment))
					|| $this->author_can_confirm_comment($who_confirm_comment) && $lb['user']->user_id == $author_id){
						$can_remove = true;
					}
				}else{
					return false;
				}
			}

			if(isset($_GET['comment_id'])){
				$query  = 'DELETE FROM #__news_comment WHERE id = #';
				$params = array(
						array($_GET['comment_id'], 'int')
						);
			}elseif(isset($_GET['remove_all'])){
				$query  = 'DELETE FROM #__news_comment WHERE store_id = #';
				$params = array(
						array($_GET['news_id'], 'int')
						);				
			}

			$result = $lb['db']->query($query, $params);

			if($result['result']){
				$return = true;
			}else{
				$return = false;
			}
			
			$lb['smarty']->assign('news_id', intval($_GET['news_id']));
		}

		if(isset($can_remove)){
			$lb['smarty']->assign('can_remove_comment', $can_remove);
		}

		return $return;
		
	}

    /*
     * News task method overloading
     * 
     * @access  private
     * @author  Armin Borumand
     * @return  overloaded method return value
     */  
	private function __call($method, $args){
		return $this->index();
	}
	
	/**
	 * Can edit specified news
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param		integer	news id
	 * @return	boolean	true if can edit and false if can't edit
	 */
	private function can_edit($id){
		global $lb;

		if($this->type_news->can_edit()){
			$return = true;
		}elseif($this->author_can_edit()){
			$query = 'SELECT id, user_id FROM #__news_store WHERE id = #';
			$params= array(
					array($id, 'int')
					);

			$result = $lb['db']->query($query, $params);
			if($result['result']){
				//if user is author true else false
				$return = ($result['rows'][0]['user_id'] == $lb['user']->user_id);
			}else{
				$return = false;	
			}
		}else{
			$return = false;
		}
		
		return $return;
	}
	
	/**
	 * Can confirm specified news
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	integer	news id
	 * @param	integer	author id
	 * @return	boolean	true if can confirm and false if can't edit
	 */
	private function can_confirm($id, $author_id=0){
		global $lb;
		
		$return = false;
		
		if($this->type_news->can_confirm()){
			$return = true;
		}elseif($this->author_can_confirm()){

			if($author_id < 1){
				$query = 'SELECT id, user_id FROM #__news_store WHERE id = #';
				$params= array(
						array($id, 'int')
						);

				$result = $lb['db']->query($query, $params);
				if($result['result'] && $result['num_of_rows'] > 0){
					//if user is author true else false
					$author_id = $result['rows'][0]['user_id'];
				}
			}
			
			if($author_id == $lb['user']->user_id){
				$return = true;
			}
			
		}
		
		return $return;
	}
	
	/**
	 * Prepare news not confirmed
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	array	news ids
	 */
	private function prepare_confirms($load=true){
		global $lb;
		$run_query = true;
		
		if($this->type_news->can_confirm() && $load){
			$query  = 'SELECT id, title FROM #__news_store WHERE news_id = # AND confirmed = #';
			$params = array(
					array($lb['page']->type_id, 'int'),
					array('false'		  , 'text')
					);
		}elseif($this->type_news->can_confirm() && !$load){
			$query  = 'SELECT count(*) AS count FROM #__news_store WHERE news_id = # AND confirmed = #';
			$params = array(
					array($lb['page']->type_id, 'int'),
					array('false'		  , 'text')
					);
		}elseif($lb['user']->user_id && $this->author_can_confirm() && $load){
			$query  = 'SELECT id, title FROM #__news_store WHERE news_id = # AND user_id = # AND confirmed = #';
			$params = array(
					array($lb['page']->type_id, 'int'),
					array($lb['user']->user_id, 'int'),
					array('false'		  , 'text')
					);
		}elseif($lb['user']->user_id && $this->author_can_confirm() && !$load){
			$query  = 'SELECT count(*) AS count FROM #__news_store WHERE news_id = # AND user_id = # AND confirmed = #';
			$params = array(
					array($lb['page']->type_id, 'int'),
					array($lb['user']->user_id, 'int'),
					array('false'		  , 'text')
					);
		}else{
			$run_query = false;
		}
		
		$return = false;

		if($run_query){
			$result = $lb['db']->query($query, $params);
			if($result['result']){
				if($result['num_of_rows'] > 0){
					if($load){
						foreach($result['rows'] as $row){
							$return[$row['id']] = $row['title'];
						}
					}else{
						$return = $result['rows'][0]['count'];
					}
				}
			}
		}
		
		return $return;
	}
		
	/**
	 * news count
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	integer	news count
	 */
	private function count(){
		global $lb;
		
		$query = 'SELECT count(*) AS count FROM #__news_store WHERE news_id = # AND confirmed = #';
		$params = array(
				array($lb['page']->type_id, 'int'),
				array('true'			 , 'text')
				);
		$result = $lb['db']->query($query, $params);
		
		if($result['result']){
			return $result['rows'][0]['count'];
		}else{
			return false;
		}
	}
	
	/**
	 * Filter input string
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param		string	input string
	 * @return	string	filtered string
	 * @see		add, edit
	 */
	private function input_filter(&$string){
		//html allowable tags
		if (!get_magic_quotes_gpc()) {
		    $string = lb_system::addslashes($string);
		}
		
		$allowable = array('<br>', '<a>', '<p>', '<div>', '<b>', '<strike>', '<u>', '<em>', '<strong>'
					   	, '<blockquote>', '<sup>', '<sub>', '<ul>', '<ol>', '<li>', '<table>', '<tr>', '<td>'
						, '<tbody>', '<img>');
		$string = lb_system::strip_tags($string, $allowable);
		
		return $string = lb_system::safe_html($string);
	}
	
	/**
	 * Filter output string
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param		string	output string
	 * @return	string	filtered string
	 * @see		add, edit
	 */
	private function output_filter(&$string){
		return $string = lb_system::stripslashes($string);
	}
	
	/**
	 * Show comments
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param		array	comments
	 */
	private function show_comments(&$rows){
		global $lb;
		
		if(is_array($rows)){
			$count = count($rows);
		}else{
			$count = 0;
		}
		
		for($i=0; $i<$count; $i++){
			//adding and overloading required params
			if($rows[$i]['user_id'] > 0){
				$rows[$i]['who_comment'] = $lb['user']->username($rows[$i]['user_id']);
				//lb_system::make_time($result['rows'][$i]['time']);
			}
		}
		
		$lb['smarty']->assign('comments', $rows);
	}
	
	/**
	 * Store sended comments
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	integer	news id
	 * @param	string	who can confirm comment
	 * @return	bool/NULL	Null if no comment have been send and true if store comment and false on failure
	 */
	private function check_send_comment($news_id, $who_confirm_comment){
		global $lb;
		
		if(isset($_POST['cm_submit'])){
		
			if($lb['user']->is_user()){
				$user_id  = $lb['user']->user_id;
				$username = '';
			}else{
				$user_id  = 0;
				$username = lb_system::htmlspecialchars($_POST['cm_name']);
			}
			
			$_POST['cm_title']   = lb_system::htmlspecialchars($_POST['cm_title']);
			$_POST['cm_content'] = lb_system::htmlspecialchars($_POST['cm_content']);
				
			if($who_confirm_comment == 'no_body'){
				$confirmed = 'true';
			}else{
				$confirmed = 'false';
			}
			$user_agent = lb_system::htmlspecialchars($_SERVER['REMOTE_ADDR'] . ':' . $_SERVER['HTTP_USER_AGENT']);
			
			$query  = 'INSERT INTO #__news_comment (store_id, user_id, username, user_agent, confirmed, title, content) 
					VALUES (#, #, #, #, #, #, #)';
			$params = array(
					array($news_id		, 'int'),
					array($user_id		, 'int'),
					array($username		, 'text'),
					array($user_agent		, 'text'),
					array($confirmed		, 'text'),
					array($_POST['cm_title'], 'text'),
					array($_POST['cm_content'], 'text')
					);
					
			$result = $lb['db']->query($query, $params);
			
			if(($confirmed = $confirmed == 'true'?true:false) && $result['result']){
				if($user_id > 0){
					$username = $lb['user']->username($user_id);
				}
				$this->say_new_comment($result['insert_id'], $username, $_POST['cm_title'], $_POST['cm_content']);
			}
			
			$lb['smarty']->assign('comment_confirmed', $confirmed);
			
			if($result['result'] && $confirmed){
				return array(
						'news_assign'		=> 0,
						'id'				=> $result['insert_id'],
						'time'			=> NULL,
						'who_comment'		=> $username,
						'who_confirm_comment'	=> NULL,
						'confirmed'			=> $confirmed,
						'user_id'			=> $lb['user']->user_id(),
						'title'			=> $_POST['cm_title'],
						'content'			=> $_POST['cm_content'],
						'add_content'		=> NULL,
						'author'			=> NULL
						);
			}else{
				return $result['result'];
			}
		}else{
			return NULL;
		}
	}
	
	/**
	 * can send comment or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	string	who can send comment
	 * @return	boolean	true if can send and false if can't
	 */
	private function can_comment($who_comment){
		global $lb;
		$return = false;

		if($lb['user']->is_moderator() || $lb['user']->is_su()){
			return true;
		}

		switch($who_comment){
			case 'registered_user':
				if($lb['user']->is_user()){
					$return = true;
				}
				break;
			case 'group':
				if($lb['user']->group_id() == $this->user_group['id']){
					$return = true;
				}
				break;
			case 'every_body':
				$return = true;
				break;
			case 'no_body':
				$return = false;
				break;
		}

		return $return;
	}
	
	/**
	 * can confirm comment or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	string	who can confirm comment
	 * @return	boolean	true if can confirm and false if can't
	 */
	private function can_confirm_comment($who_confirm_comment){
		global $lb;
		$return = false;

		if($lb['user']->is_moderator() || $lb['user']->is_su()){
			return true;
		}

		switch($who_confirm_comment){
			case 'user':
				if($lb['user']->is_user()){
					$return = true;
				}
				break;
			case 'group':
				if($lb['user']->group_id() == $this->type_news->user_group['id']){
					$return = true;
				}
				break;
			case 'no_body':
				$return = true;
				break;
		}

		return $return;
	}
	
	/**
	 * Prepare comments not confirmed
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	integer	news id
	 * @param	string	who can confirm comment
	 * @param	integer	author id
	 * @param	boolean	load comments or not
	 * @return	array	news ids
	 */
	private function prepare_comments_confirms($news_id, $who_confirm_comment, $author_id=0, $load=true){
		global $lb;
		$run_query = true;
		
		if($this->can_confirm_comment($who_confirm_comment) && $load){
			$query  = 'SELECT * FROM #__news_comment WHERE store_id = # AND confirmed = #';
			$params = array(
					array($news_id, 'int'),
					array('false' , 'text')
					);
		}elseif($this->can_confirm_comment($who_confirm_comment) && !$load){
			$query  = 'SELECT count(*) AS count FROM #__news_comment WHERE store_id = # AND confirmed = #';
			$params = array(
					array($news_id, 'int'),
					array('false' , 'text')
					);
		}elseif($lb['user']->user_id() == $author_id && $this->author_can_confirm_comment($who_confirm_comment) && $load){
			$query  = 'SELECT * FROM #__news_comment WHERE store_id = # AND user_id = # AND confirmed = #';
			$params = array(
					array($news_id		  , 'int'),
					array($lb['user']->user_id, 'int'),
					array('false'		  , 'text')
					);
		}elseif($lb['user']->user_id() == $author_id && $this->author_can_confirm_comment($who_confirm_comment) && !$load){
			$query  = 'SELECT count(*) AS count FROM #__news_comment WHERE store_id = # AND user_id = # AND confirmed = #';
			$params = array(
					array($news_id		  , 'int'),
					array($lb['user']->user_id, 'int'),
					array('false'		  , 'text')
					);
		}else{
			$run_query = false;
		}

		$return = false;

		if($run_query){
			$result = $lb['db']->query($query, $params);
			if($result['result']){
				if($result['num_of_rows'] > 0){
					if($load){
						for($i=0; $i<$result['num_of_rows']; $i++){
							if($result['rows'][0]['user_id'] > 0){
								$result['rows'][0]['username'] = $lb['user']->username($result['rows'][0]['user_id']);
							}
							$return =& $result['rows'];
						}
					}else{
						$return = $result['rows'][0]['count'];
					}
				}
			}
		}
		
		return $return;
	}
	
	/**
	 * Say new comment to author or user by mail sending
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @param	integer	Comment id
	 * @param	string	username
	 * @param	string	title
	 * @param	string	content
	 * @return	boolean	true on success and false on failure
	 */
	private function say_new_comment($comment_id, $username, $title, $content){
		return true;
	}
	
	/**
	 * Author can edit news or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	boolean	true on success and false on failure
	 */
	private function author_can_edit(){
		$who_edit = $this->type_news->who_edit();
		return  $who_edit == 'author' || $who_edit == 'author_group';
	}	

	/**
	 * Author can confirm news or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	boolean	true on success and false on failure
	 */	
	private function author_can_confirm(){
		$who_confirm = $this->type_news->who_confirm();
		return  $who_confirm == 'author' || $who_confirm == 'author_group';
	}
	
	/**
	 * Author can edit comment setting or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	boolean	true on success and false on failure
	 */
	private function author_can_edit_comment_setting(){
		$who_edit = $this->type_news->who_edit_comment_setting();
		return  $who_edit == 'author' || $who_edit == 'author_group';
	}
	
	/**
	 * Author can confirm comment or not
	 *
	 * @access	private
	 * @author	Armin Borumand
	 * @return	boolean	true on success and false on failure
	 */
	private function author_can_confirm_comment($who_confirm_comment){
		return  $who_confirm_comment == 'author' || $who_confirm_comment == 'author_group';
	}
}
?>
